<?php
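class Apps_Controller_Action_Default extends Apps_Controller_Action {

    // Page-level defaults; not read anywhere in this class, presumably consumed
    // by the layout/views — confirm before removing.
    public $_default_keyword      = '';
    public $_default_description  = '';
    public $_default_header_title = '';

    /**
     * Loads the parent product categories shared by the menu and footer into the
     * view as `category_all`.
     *
     * NOTE(review): the Zend_Controller_Action hook is preDispatch(); this
     * underscore-prefixed variant is presumably invoked by Apps_Controller_Action —
     * verify it is actually called.
     *
     * @return void
     */
    public function _preDispatch() {
        $categoryTable = new Model_DbTable_ProductCategory();
        $this->view->category_all = $categoryTable->listParentCategory();
    }

    /**
     * Builds a Zend_Paginator over $select, reading "page" and "line_per_page"
     * from the request, and publishes `paginator` / `line_per_page` to the view.
     * Anything other than a Zend_Db_Select or an array is ignored silently.
     *
     * @param Zend_Db_Select|array            $select      Data source for the paginator.
     * @param Zend_Controller_Request_Abstract $request    Source of the "page" and "line_per_page" params.
     * @param int                              $linePerPsge Items per page when the request gives no usable
     *                                                      value (parameter name kept as-is for callers).
     * @return void
     */
    public function setPagination($select, $request, $linePerPsge = 6) {
        if (!($select instanceof Zend_Db_Select) && !is_array($select)) {
            return;
        }

        Zend_View_Helper_PaginationControl::setDefaultViewPartial("/components/pager/controls_pager.phtml");

        $paginator = Zend_Paginator::factory($select);

        // The default of 1 belongs to getParam(): the original passed it as a second
        // argument to setCurrentPageNumber(), where PHP silently ignored it.
        $paginator->setCurrentPageNumber($request->getParam("page", 1));

        // "line_per_page" is request-controlled: coerce to int and only honour a
        // positive value, so non-numeric or zero/negative input falls back to the
        // default instead of reaching the paginator and the view as a raw string.
        $requested   = (int) $request->getParam("line_per_page");
        $linePerPage = $requested > 0 ? $requested : $linePerPsge;

        $paginator->setDefaultItemCountPerPage($linePerPage);

        $this->view->line_per_page = $linePerPage;
        $this->view->paginator     = $paginator;
    }

    /**
     * Escapes $input through the DB adapter's quote(), strips the wrapping quotes,
     * and then prefixes every occurrence of a fixed list of substrings (shell and
     * SQL keywords, file paths, HTML tags, ...) with "_".
     *
     * The result is only meaningful when interpolated INSIDE a single-quoted SQL
     * literal; Zend_Db placeholders / prepared statements are the preferable way to
     * pass values to a query. The substring pass is a positional str_replace(): it
     * also rewrites ordinary words that merely contain an entry (e.g. "description"
     * matches 'script', "dropdown" matches 'drop'), later entries re-match the
     * output of earlier ones ('_php' → '_php_' is then matched by 'php_'), and the
     * single-quoted entries 'uname\x20-a', 'g\+\+', 'file\://' and 'javascript\://'
     * contain literal backslashes rather than the escape sequences they resemble.
     * The two lists are kept byte-identical because callers may rely on the exact
     * output.
     *
     * @param mixed $input Value to escape. Strings are quoted and unwrapped again;
     *                     ints/floats come back from the adapter without quotes and
     *                     are now passed through intact (the original unconditional
     *                     substr() calls turned e.g. 42 into "").
     * @return string
     */
    public function quote($input) {
        $search = array('chr(', 'chr=', 'chr%20', '%20chr', 'wget%20', '%20wget', 'wget(',
                        'cmd=', '%20cmd', 'cmd%20', 'rush=', '%20rush', 'rush%20',
                        'union%20', '%20union', 'union(', 'union=', 'echr(', '%20echr', 'echr%20', 'echr=',
                        'esystem(', 'esystem%20', 'cp%20', '%20cp', 'cp(', 'mdir%20', '%20mdir', 'mdir(',
                        'mcd%20', 'mrd%20', 'rm%20', '%20mcd', '%20mrd', '%20rm',
                        'mcd(', 'mrd(', 'rm(', 'mcd=', 'mrd=', 'mv%20', 'rmdir%20', 'mv(', 'rmdir(',
                        'chmod(', 'chmod%20', '%20chmod', 'chmod(', 'chmod=', 'chown%20', 'chgrp%20', 'chown(', 'chgrp(',
                        'locate%20', 'grep%20', 'locate(', 'grep(', 'diff%20', 'kill%20', 'kill(', 'killall',
                        'passwd%20', '%20passwd', 'passwd(', 'telnet%20', 'vi(', 'vi%20',
                        'insert%20into', 'select%20', 'nigga(', '%20nigga', 'nigga%20', 'fopen', 'fwrite', '%20like', 'like%20',
                        '$_request', '$_get', '$request', '$get', '.system', 'HTTP_PHP', '&aim', '%20getenv', 'getenv%20',
                        'new_password', '&icq','/etc/password','/etc/shadow', '/etc/groups', '/etc/gshadow',
                        'HTTP_USER_AGENT', 'HTTP_HOST', '/bin/ps', 'wget%20', 'uname\x20-a', '/usr/bin/id',
                        '/bin/echo', '/bin/kill', '/bin/', '/chgrp', '/chown', '/usr/bin', 'g\+\+', 'bin/python',
                        'bin/tclsh', 'bin/nasm', 'perl%20', 'traceroute%20', 'ping%20', '.pl', '/usr/X11R6/bin/xterm', 'lsof%20',
                        '/bin/mail', '.conf', 'motd%20', 'HTTP/1.', '.inc.php', 'config.php', 'cgi-', '.eml',
                        'file\://', 'window.open', '<SCRIPT>', 'javascript\://','img src', 'img%20src','.jsp','ftp.exe',
                        'xp_enumdsn', 'xp_availablemedia', 'xp_filelist', 'xp_cmdshell', 'nc.exe', '.htpasswd',
                        'servlet', '/etc/passwd', 'wwwacl', '~root', '~ftp', '.js', '.jsp', 'admin_', '.history',
                        'bash_history', '.bash_history', '~nobody', 'server-info', 'server-status', 'reboot%20', 'halt%20',
                        'powerdown%20', '/home/ftp', '/home/www', 'secure_site, ok', 'chunked', 'org.apache', '/servlet/con',
                        '<script', '/robot.txt' ,'/perl' ,'mod_gzip_status', 'db_mysql.inc', '.inc', 'select%20from',
                        'select from', 'drop%20', '.system', 'getenv', 'http_', '_php', 'php_', 'phpinfo()', '<?php', '?>', 'sql=',
                        'select', 'SELECT', 'delete', 'DELETE', 'drop', 'DROP', 'trancate', 'TRANCATE',
                        'script','</script>');

        // Positionally paired with $search (same length, same order).
        $replace = array('_chr(', '_chr=', '_chr%20', '_%20chr', '_wget%20', '_%20wget', '_wget(',
                         '_cmd=', '_%20cmd_', '_cmd%20', '_rush=', '_%20rush', '_rush%20',
                         '_union%20', '_%20union', '_union(', '_union=', '_echr(', '_%20echr', '_echr%20', '_echr=',
                         '_esystem(', '_esystem%20', '_cp%20', '_%20cp', '_cp(', '_mdir%20', '_%20mdir', '_mdir(',
                         '_mcd%20', '_mrd%20', '_rm%20', '_%20mcd', '_%20mrd', '_%20rm',
                         '_mcd(', '_mrd(', '_rm(', '_mcd=', '_mrd=', '_mv%20', '_rmdir%20', '_mv(', '_rmdir(',
                         '_chmod(', '_chmod%20', '_%20chmod', '_chmod(', '_chmod=', '_chown%20', '_chgrp%20', '_chown(', '_chgrp(',
                         '_locate%20', '_grep%20', '_locate(', '_grep(', '_diff%20', '_kill%20', '_kill(', '_killall',
                         '_passwd%20', '_%20passwd', '_passwd(', '_telnet%20', '_vi(', '_vi%20',
                         '_insert%20into', '_select%20', '_nigga(', '_%20nigga', '_nigga%20', '_fopen', '_fwrite', '_%20like', '_like%20',
                         '_$_request', '_$_get', '_$request', '_$get', '_.system', '_HTTP_PHP', '_&aim', '_%20getenv', '_getenv%20',
                         '_new_password', '_&icq','_/etc/password','_/etc/shadow', '_/etc/groups', '_/etc/gshadow',
                         '_HTTP_USER_AGENT', '_HTTP_HOST', '_/bin/ps', '_wget%20', '_uname\x20-a', '_/usr/bin/id',
                         '_/bin/echo', '_/bin/kill', '_/bin/', '_/chgrp', '_/chown', '_/usr/bin', '_g\+\+', '_bin/python',
                         '_bin/tclsh', '_bin/nasm', '_perl%20', '_traceroute%20', '_ping%20', '_.pl', '_/usr/X11R6/bin/xterm', '_lsof%20',
                         '_/bin/mail', '_.conf', '_motd%20', '_HTTP/1.', '_.inc.php', '_config.php', '_cgi-', '_.eml',
                         '_file\://', '_window.open_', '_<SCRIPT>', '_javascript\://','_img src', '_img%20src','_.jsp','_ftp.exe',
                         '_xp_enumdsn', '_xp_availablemedia_', '_xp_filelist', '_xp_cmdshell', '_nc.exe', '_.htpasswd',
                         '_servlet', '_/etc/passwd_', '_wwwacl', '_~root', '_~ftp', '_.js', '_.jsp', '_admin_', '_.history',
                         '_bash_history', '_.bash_history_', '_~nobody', '_server-info', '_server-status', '_reboot%20', '_halt%20',
                         '_powerdown%20', '_/home/ftp_', '_/home/www_', '_secure_site_, _ok', '_chunked', '_org.apache', '_/servlet/con',
                         '_<script', '_/robot.txt_' ,'_/perl' ,'_mod_gzip_status', '_db_mysql.inc', '_.inc', '_select%20from',
                         '_select from_', '_drop%20_', '_.system', '_getenv_', '_http_', '_php_', '_php_', '_phpinfo()_', '_<?php_', '_?>_', '_sql=_',
                         '_select', '_SELECT', '_delete', '_DELETE', '_drop', '_DROP', '_trancate', '_TRANCATE',
                         '_script','_</_script>');

        // _dbAdapter is not declared in this class; presumably provided by
        // Apps_Controller_Action. The cast keeps the rest string-only: the adapter
        // returns ints untouched (substr() on the original coerced them anyway).
        $quoted = (string) $this->_dbAdapter->quote($input);

        // Only unwrap when the adapter actually wrapped the value in quotes; for
        // string input this matches the original substr(1) / substr(0, -1) pair.
        $length = strlen($quoted);
        if ($length >= 2 && $quoted[0] === "'" && $quoted[$length - 1] === "'") {
            $quoted = substr($quoted, 1, -1);
        }

        return str_replace($search, $replace, $quoted);
    }
}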